This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A flaw in the t1lib library where an attacker could create a malicious
file that would cause tetex to crash or possibly execute arbitrary
code when opened (CVE-2007-4033).
Alin Rad Pop found several flaws in how PDF files are handled in
tetex. An attacker could create a malicious PDF file that would cause
tetex to crash or potentially execute arbitrary code when opened
(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393).
A stack-based buffer overflow in dvips in tetex allows for
user-assisted attackers to execute arbitrary code via a DVI file with
a long href tag (CVE-2007-5935).
A vulnerability in dvips in tetex allows local users to obtain
sensitive information and modify certain data by creating certain
temporary files before they are processed by dviljk, which can then be
read or modified in place (CVE-2007-5936).
Multiple buffer overflows in dviljk in tetext may allow users-assisted
attackers to execute arbitrary code via a crafted DVI input file
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Family: Mandriva Local Security Checks
Nessus Plugin ID: 28324 (mandrake_MDKSA-2007-230.nasl)
Bugtraq ID: 250792636726469
CVE ID: CVE-2007-4033CVE-2007-4352CVE-2007-5392CVE-2007-5393CVE-2007-5935CVE-2007-5936CVE-2007-5937
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.